Common Cyber Security Threats and How to Avoid Them

“A cyberattack is a malicious and deliberate attempt by an individual or organization to breach the information system of another individual or organization. Usually, the attacker seeks some type of benefit from disrupting the victim’s network.” (Cisco.com)

Have you ever fallen victim to a cyberattack? If so, rest assured – you are not alone. Every year cybercriminals develop new methods to steal information from consumers, companies, and employees. In 2020, things have gotten particularly sticky.

According to this year’s Verizon Business Data Breach Investigations Report, email users are more likely to click on links related to COVID-19, compared to other topics. Some of the keywords criminals use are masks, tests, quarantine, and vaccine. There’s no doubt about it – the pandemic has created fruitful conditions for cybercriminals.

Since cybersecurity teams are busier than ever, now is a good time for a quick refresher. Here are some common cyber-attack examples.

Phishing

Phishers send emails that appear to come from trusted sources, with the goal of stealing personal information from unwitting users or influencing them to engage in a detrimental action (like clicking on a link or sharing financial information). PayPal is one of the most often impersonated brands. This is unsurprising, because any service like that deals with money transfers is a desirable target for cybercriminals.

Malware

Malware, or malicious software, is software that hackers install onto your computer through devious methods. Oftentimes, the software is downloaded after a user clicks on a link to a service or reward. The most common examples of malware are:

• Ransomware – which threatens to publish a victims’ data or holds it hostage until a ransom is paid.
• Fileless Malware – malicious software that makes changes to native files, using legitimate programs to infect the computer.
• Trojan Virus – malicious code that disguises itself as normal code and can take control of your computer.
• Computer Worm – a malicious software program that spreads through a network by replicating itself – infecting otherwise healthy code.

SQL Injections

A Structured Query Language injection is a technique used to attack data-driven applications. During the attack, malicious code is inserted into the server, forcing it to reveal sensitive information. The scary part is, if successful, the hacker can read, modify, update, delete or steal sensitive information. The attacker can also act as administrator – allowing him or her to execute administration processes like shutdown and data recovery. They can even create commands for the operating system. Yikes.

Denial-of-Service attack (DoS)

DoS attacks are used by hackers to overload systems, networks, or servers with traffic, thereby rendering them unresponsive to users’ requests. Cyber attackers can also use multiple devices to launch an assault. This is called a distributed denial of service attack (DDoS). One of the most recent DDoS attack attempts occurred in February of 2020, on Amazon Web Service. The attack targeted an unidentified AWS customer, and it was the largest cyberattack effort ever recorded.

Conclusion: Common cyber security threats

It is essential that companies remain vigilant in their efforts to stave off cyberattacks.

The unfortunate truth is that the types of cyber threats discussed in this article are just the tip of the iceberg. Hackers are constantly innovating – seeking new ways to compromise private data. For mid to large sized companies, high level cyber security support is not a luxury. It’s a necessity.

Thankfully, simple best practices can go a long way. These include keeping anti-virus databases up to date, insisting users adopt strong passwords, staying on top of backups, educating and training employees, and consistently auditing your IT systems to stay on top of suspicious activities.